<?php
/**
 * Description of login
 *
 * @author Teis Lindemark
 */

class login {    
    private $personid;
    private $username;
    private $password;
    private $groups;
    private $accept;
    
    private $errors;
    private $login;
    private $token;
    private $year;
    
    private $db;
    
    public function __construct() {
        isset($_SESSION['personid']) ? $this->personid = $_SESSION['personid'] : null;
        isset($_SESSION['username']) ? $this->username = $_SESSION['username'] : null;
        isset($_SESSION['groups']) ? $this->groups = $_SESSION['groups'] : null;
        isset($_SESSION['accept']) ? $this->accept = $_SESSION['accept'] : null;
        unset($_SESSION['personid']);
        unset($_SESSION['username']);
        unset($_SESSION['groups']);
        unset($_SESSION['accept']);
        $this->db = new PGSQLConnector('u_superuser');
        $this->login = isset($_POST['login']) ? 1 : 0;
        if($this->login) {
            $this->username = $_POST['username'];
            $this->password = md5($_POST['password']);
            $this->token = $_POST['token'];
            $this->personid = -1;
            $this->errors = array();
            $this->groups = array();
        }
    }
    
    function __destruct() {
        $_SESSION['personid'] = $this->personid;
        $_SESSION['username'] = $this->username;
        $_SESSION['groups'] = $this->groups;
        $_SESSION['accept'] = $this->accept;
        unset($this->personid);
        unset($this->username);
        unset($this->groups);
        unset($this->token);
        unset($this->password);
        unset($this->errors);
        unset($this->accept);
    }
    
    function checkGroup() {
        $exists = false;
        for($i=0; $i < func_num_args(); $i++) {
            if(!$exists) {
                if(strlen(array_search(func_get_arg($i), $this->groups))) {
                    $exists = true;
                }
            }
        }
        return $exists;
    }
    
    function isLoggedIn() {
        if($this->accept) {
            return true;
        } else {
            return false;
        }
    }
    
    function verifyToken() {
        if($this->token != $_SESSION['token']) {
            $this->errors[] = 'Invalid login';
            return false;
        } else {
            return true;
        }
    }
    
    function login() {
        if($this->verifyToken()) {
        	global $config;
            $sql = "SELECT un.idperson\n";
            $sql .= "FROM uname AS un\n";
            $sql .= "LEFT JOIN upassword AS up ON un.username = up.username\n";
            $sql .= "WHERE up.username = '" . $this->username . "' AND up.password = '" . $this->password . "'";
            
            $rs = $this->db->queryUnique($sql);
            $this->personid = $rs['idperson'];
            
            $sql = "SELECT ug.usergroup\n";
            $sql .= "FROM uname_ugroup AS ug\n";
            $sql .= "WHERE username = '" . $this->username . "'";
            $rsgroup = $this->db->query2array($sql);
            foreach ($rsgroup as &$key) {
                $this->groups[] = $key['usergroup'];
            }
            if(($this->personid != null || $this->personid != -1) && $this->checkGroup('Applicant')) $this->accept = true;
            if($this->accept) {
                header('Location: ' . $config['webaddress'] . getMission());
            } else {
                $this->logout();
            }
        }
    }
    
    function logout() {
    	global $config;
        unset($_SESSION['personid']);
        unset($_SESSION['username']);
        unset($_SESSION['groups']);
        unset($_SESSION['accept']);
        unset($this->personid);
        unset($this->username);
        unset($this->groups);
        unset($this->token);
        unset($this->password);
        unset($this->errors);
        unset($this->accept);
        session_destroy();
        header('Location: ' . $config['webaddress']);
    }
    
    function getYear() {
        return $this->year = date('Y');
    }
    
    function getPersonid() {
        return $this->personid;
    }
    
    function getUsername() {
        return $this->username;
    }
    
    function main() {
        $template = newPage('login');
        $template->title = 'Login - IAESTE Application System';
        $token = $_SESSION['token'] = md5(time());
        $template->set('request', array('token'=>$token));
        $template->l = $this;
        try {
            echo $template->execute();
        } catch(Exception $e) {
            echo $e;
        }
    }
}
?>